Design of Hash based Extractor and Stream based Expander – The HSKDF Scheme

Abstract

Key derivation function (KDF) is a basic cryptographic algorithm which is used to generate an arbitrary length of pseudorandom cryptographic keys from a secret string and some public string. These cryptographic keys are used to protect the confidentiality of the electronic data when transmitting over the Internet. The design of KDF is based on two phase which are extractor and expander. To date, all the key derivation functions are composed using the same cryptography ciphers for the extractor and the expander. The cryptography ciphers are stream cipher, keyed-hash message authentication code (HMAC), and block ciphers. This paper intended to show an alternative design in constructing the KDFs with combination of two different cryptography ciphers. The results have shown that extractor based on keyed-hash message authentication code and expander based on stream ciphers preserved the existing the highest security level and offer significant efficiency advantages in term of execution or running time over the existing HMAC, block cipher or stream cipher based KDFs.